kinto

Protocol

• When a record is pushed with an older timestamp, the collection
  timestamps is not bumped anymore. (#1361)

New features

• A new custom logging formatter is available in kinto.core. It fixes the issues of
  mozilla-cloud-services-logger <https://github.com/mozilla/mozilla-cloud-services-logger>_.
  Consider migrating your logging settings to :

[formatter_json]
class = kinto.core.JsonLogFormatter

Bug fixes

• Do not log empty context values (ref #1363)
• Fixed some attributes in logging of errors (ref #1363)
• Fixed logging of method/path of batch subrequests (ref #1363)
• Fix removing permissions with Json Merge (#1322).

Internal changes

• Moved PostgreSQL helper function to Python code (ref #1358)

Bug fixes

• Use the KINTO_INI env variable to findout the configuration file. (#1339)
• Fix create-user command for PostgreSQL backend (#1340)
• Make sure create-user command updates password (#1336)

• Add a memcached cache backend (#1332)

• Failed to publish Kinto Admin

New features

• Add a create-user kinto command (#1315)

Bug fixes

• Fix pagination token generation on optional fields (#1253)

Bug fixes

• The PostgreSQL cache backend now orders deletes according to keys,
  which are a well-defined order that never changes. (Fixes #1308.)

Internal changes

• Now all configuration options appear as commented lines on the configuration
  template (#895)
• Added task on PR template about updating the configuration template
  if a new configuration setting is added.
• Use json instead of ujson in storage in tests (#1255)
• Improve Docker container to follow Dockerflow recommendations (fixes #998)

Bug fixes

• Fix bug in Postgres backend regarding the handling of combining
  filters and NULL values. (See #1291.)

New features

• Account plugin now allows account IDs to be email addresses (fixes
  #1283).

Bug fixes

• Make it illegal for a principal to be present in
  account_create_principals without also being in
  account_write_principals. Restricting creation of accounts to
  specified users only makes sense if those users are "admins", which
  means they're in account_write_principals. (Fixes #1281.)
• Fix a 500 when accounts without an ID are created (fixes #1280).
• Fix StatsD unparseable metric packets for the unique user counter (fixes #1282)

Internal changes

• Upgraded the kinto-admin to version 1.14.0

Bug fixes

• Fix permissions endpoint when using account plugin (fixes #1276)

Bug fixes

• Fix missing collection_count field in the rebuild-quotas script.
• Fix bug causing validation to always succeed if no required fields are present.

Internal changes

• Upgraded to Pyramid-tm 2 (fixes #1187)

API

• Filtering with like can now contain wild chars (eg. ?like_nobody=*you*).
  It is thus now impossible to search for the * character with this operator.
• Handle querystring parameters as JSON encoded values
  to avoid treating number as number where they should be strings. (#1217)
• Introduce has_ filter operator (fixes #344).

API is now at version 1.17. See API changelog

Bug fixes

• Several changes to the handling of NULLs and how the full range of
  JSON values is compared in a storage backend (PR #1258). Combined
  with #1252, this should fix #1215, #1216, #1217 and #1257, as well as
  possibly some others.
• Fix requests output when running with make serve (fixes #1242)
• Fix pagination on permissions endpoint (fixes #1157)
• Fix pagination when max fetch storage is reached (fixes #1266)
• Fix schema validation when internal fields like id or last_modified are
  marked as required (fixes #1244)
• Restore error format for JSON schema validation errors (which was
  changed in #1245).

Internal changes

• Add check on account plugin to avoid conflict with default basicauth policy (fixes #1177)
• Add documentation about Kinto Admin plugin (fixes #858)

New features

• delete() method from cache backend now returns the deleted value (fixes #1231)
• kinto rebuild-quotas script was written that can be run to
  repair the damage caused by #1226 (fixes #1230).

Bug fixes

• The default_bucket plugin no longer sends spurious "created"
  events for buckets and collections that already exist. This causes
  the quotas plugin to no longer leak "quota" when used with the
  default_bucket plugin. (#1226)
• Fix removal of timestamps when parent object is deleted (fixes #1233)
• Do not allow to reuse deletion tokens (fixes #1171)
• accounts plugin: fix exception on authentication. (#1224)
• Fix crash with JSONSchema validation of unknown required properties (fixes #1243)
• Fix bug on bucket deletion where other buckets could be deleted too if their id
  started with the same id
• Fix permissions of accounts created with PUT by admin (ref #1248)
• Fix ownership of accounts created with POST by admin (fixes #1248)

Internal changes

• Make memory storage consistent with PostgreSQL with regard to bytes (#1237)
• Some minor cleanups about the use of kinto.readonly (#1241)

Backporting a bunch of things to the 6.X branch.

New feature

• kinto rebuild-quotas script was written that can be run to
  repair the damage caused by #1226 (fixes #1230).

Bug fixes

• The default_bucket plugin no longer sends spurious "created"
  events for buckets and collections that already exist. This causes
  the quotas plugin to no longer leak "quota" when used with the
  default_bucket plugin. (#1226)
• Fix race conditions on deletions with upsert in PostgreSQL storage.update() (fixes #1202).
• Fix PostgreSQL backend race condition when replacing permissions of an object (fixes #1210)
• Fix missing package.json file in package. (#1222)
• Fix removal of timestamps when parent object is deleted (fixes #1233)

Bug fixes

• Fix missing package.json file in package. (#1222)

Internal changes

• Upgraded the kinto-admin to version 1.13.3

Breaking changes

• The flush endpoint is now a built-in plugin at kinto.plugins.flush and
  should be enabled using the includes section of the configuration file.
  KINTO_FLUSH_ENDPOINT_ENABLED environment variable is no longer supported. (#1147)
• Settings with cliquet. prefix are not supported anymore.
• Logging configuration now relies on standard Python logging module (#1150)

Before:

kinto.logging_renderer = kinto.core.logs.ClassicLogRenderer

Now:

[handler_console]
...
formatter = color

[formatters]
keys = color

[formatter_color]
class = logging_color_formatter.ColorFormatter

• Forbid storing bytes in the cache backend. (#1143)
• kinto.core.api was renamed to kinto.core.openapi (#1145)
• Logging extra information on message must be done using the extra keyword
  (eg. logger.info('msg', extra={a=1}) instead of logger.info('msg', a=1))
  (#1110, #1150)
• Cache entries must now always have a TTL. The ttl parameter of cache.set()
  is now mandatory (fixes #960).
• get_app_settings() from kinto.core.testing.BaseWebTest is now a
  class method (#1144)

Protocol

• Groups can now be created with a simple PUT (fixes #793)
• Batch requests now raise 400 on unknown attributes (#1163).

Protocol is now at version 1.16. See API changelog_.

New features

• Enforce the permission endpoint when the admin plugin is included (fixes #1059)
• Access control failures are logged with WARN level (fixes #1074)
• Added an experimental :ref:Accounts API <api-accounts> which allow users to sign-up
  modify their password or delete their account (fixes #795)

Bug fixes

• Fix Memory backend sometimes show empty permissions (#1045)
• Allow to create default bucket with a PUT request and an empty body (fixes #1080)
• Fix PostgreSQL backend when excluding a list of numeric values (fixes #1093)
• Fix ignore_conflict storage backend create method parameter to
  keep the existing rather than overriding it. (#1134)
• Fix impacted records of events generated by implicit creation in default
  bucket (#1137)
• Removed Structlog binding and bottlenecks (fixes #603)
• Fixed Swagger output with subpath and regex in pyramid routes (fixes #1180)
• Fixed Postgresql errors when specifying empty values in querystring numeric filters. (fixes #1194)
• Return a 400 Bad Request instead of crashing when the querystring contains bad characters. (fixes #1195)
• Fix PostgreSQL backend from deleting records of the same name in
  other buckets and collections when deleting a bucket. (fixes #1209)
• Fix race conditions on deletions with upsert in PostgreSQL storage.update() (fixes #1202)
• Fix PostgreSQL backend race condition when replacing permissions of an object (fixes #1210)
• Fix crash when deleting multiple buckets with quotas plugin enabled (fixes #1201)

Internal changes

• Do not keep the whole Kinto Admin bundle in the repo (fixes #1012)
• Remove the email example from the custom code event listener tutorial (fixes #420)
• Removed useless logging info from resource (ref #603)
• Make sure prefixed userid is always first in principals
• Run functional tests on PostgreSQL
• Fix tests with Pyramid 1.9a
• Removed useless deletions in quota plugin
• Upgraded the kinto-admin to version 1.13.2

Bug fixes

• Prevent PostgreSQL backend from deleting records of the same name in other buckets and collections when deleting a bucket. (fixes #1209)

Documentation

• Fix installation instructions (#1204)

Internal changes

• Fix tests with Pyramid 1.9a (#1208)

Bug fixes

• Upgrade kinto-admin with [email protected].

Bug fixes

• Return a 400 Bad Request instead of crashing when the querystring contains bad characters. (fixes #1195)
• Fixed Postgresql errors when specifying empty values in querystring numeric filters. (fixes #1194)
• Upgrade the kinto-admin to v1.13.3

Bug fixes

• Upgrade the kinto-admin to v1.13.2

Bug fixes

• Upgrade the kinto-admin to v1.13.1.
• Fixed Swagger when routes contain subpath/regexp (fixes #1180)